Vulnerabilities > Redhat > Single Sign ON > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-14 CVE-2023-1108 Infinite Loop vulnerability in multiple products
A flaw was found in undertow.
network
low complexity
redhat netapp CWE-835
7.5
2023-02-23 CVE-2022-4492 Unspecified vulnerability in Redhat products
The undertow client is not checking the server identity presented by the server certificate in https connections.
network
low complexity
redhat
7.5
2022-09-13 CVE-2022-1278 Insecure Default Initialization of Resource vulnerability in Redhat products
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
network
low complexity
redhat CWE-1188
7.5
2022-08-31 CVE-2022-1259 A flaw was found in Undertow.
network
low complexity
redhat netapp
7.5
2022-08-31 CVE-2022-1319 A flaw was found in Undertow.
network
low complexity
redhat netapp
7.5
2022-08-26 CVE-2022-0084 Allocation of Resources Without Limits or Throttling vulnerability in Redhat products
A flaw was found in XNIO, specifically in the notifyReadClosed method.
network
low complexity
redhat CWE-770
7.5
2022-08-26 CVE-2021-3632 Improper Authentication vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in Keycloak.
network
high complexity
redhat CWE-287
7.5
2022-08-26 CVE-2021-3859 A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2.
network
low complexity
redhat netapp
7.5
2022-08-23 CVE-2021-3690 Memory Leak vulnerability in Redhat products
A flaw was found in Undertow.
network
low complexity
redhat CWE-401
7.5
2022-08-05 CVE-2022-2668 Unspecified vulnerability in Redhat Keycloak and Single Sign-On
An issue was discovered in Keycloak that allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled
network
low complexity
redhat
7.2